
Firewall rules logging: a closer look at our new network compliance and security tool

2018-10-20 | admin | GoogleCloud

Source: Firewall rules logging: a closer look at our new network compliance and security tool from Google Cloud

As you migrate your workloads to the cloud, you need full visibility into access to those workloads, so that you can confirm that every established connection is authorized and that every unwanted connection attempt is blocked. As we announced last week, we are boosting Google Cloud Platform’s (GCP) network security audit and forensic capabilities with the introduction of firewall rules logging, which lets you track every connection that has been allowed or denied to and from your VM instances, in near real time.

Part of our Network Telemetry offerings, firewall rules logging lets you audit, verify, and analyze the effects of your firewall rules. In other words, you can validate that every connection established in your workload matches the conditions of one of your allow firewall rules, and, likewise, that every connection matching a deny firewall rule is blocked.

Additionally, firewall logs emit allowed and denied connection records at five-second intervals, giving you near-real-time visibility into potential security risks.

[Figure: firewall_logs.png]

Firewall logs cover every firewall rule applied to every workload, including:

  • Allow and deny firewall rules

  • Ingress and egress connections

  • Connections from within a VPC and from the internet

Each log record includes a variety of data points, including the connection’s 5-tuple (source and destination IP, source and destination port, and protocol), whether the disposition was ALLOWED or DENIED, and which rule was applied at the time of the log. You can natively export this data to Stackdriver Logging or BigQuery, or, using Cloud Pub/Sub, forward these logs to any number of real-time analytics or SIEM platforms.

Debug, audit and analyze your network security

Firewall rules logging is useful for a wide variety of network security operations tasks:

  • Network security debugging – Firewall logs let you troubleshoot network connections, telling you in near real time whether a given 5-tuple connection was allowed or denied, which firewall rule (by name) matched it, and under what conditions.

  • Network security forensics – Firewall logs let you investigate suspicious and unwanted network behavior, for example large numbers of unauthorized connection attempts from specific sources that are being blocked.

  • Network security auditing and compliance – Firewall logs also help you demonstrate compliance, by logging every allowed connection and every blocked unauthorized attempt at any given time. They also record VM instances that try to initiate unauthorized egress connections.

  • Real-time security analysis – With the Cloud Pub/Sub API, you can easily export your logs into whatever SIEM ecosystem you already use.
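The record structure described above (5-tuple, disposition, matched rule) and the forensics and compliance use cases in this list, worked through in Python as an added example; this is not code from the Google Cloud post or from GCP itself. It constructs a handful of sample log lines in the jsonPayload shape that Stackdriver Logging uses for compute.googleapis.com/firewall entries (connection, disposition, rule_details, instance), parses them into a normalized event, and runs three checks over them: repeated denied ingress from one source, denied egress from a VM, and allowed connections that none of the rules you expect to allow traffic accounts for. The project, VM names, rule names, IP addresses, the threshold and the `expected_rules` allowlist are all hypothetical, and the field names are as I understand the documented payload and should be verified against the current documentation before you depend on them.

```python
"""Analyse exported VPC firewall log records (added example, not GCP code).

Sample entries are constructed to mirror the documented jsonPayload of
compute.googleapis.com/firewall log entries; verify field names against the
current docs. Project, VMs, rules and IPs are hypothetical.
"""
import json
from collections import Counter
from typing import Dict, Iterable, List, NamedTuple, Set

LOG_NAME_SUFFIX = "compute.googleapis.com%2Ffirewall"


class FirewallEvent(NamedTuple):
    timestamp: str
    src_ip: str
    src_port: int
    dest_ip: str
    dest_port: int
    protocol: int      # IANA number: 6 = TCP, 17 = UDP
    disposition: str   # "ALLOWED" or "DENIED"
    direction: str     # "INGRESS" or "EGRESS"
    rule: str          # short rule name taken from rule_details.reference
    vm_name: str


def _record(ts, src, sport, dst, dport, proto, disposition, rule, direction, vm):
    """Build one constructed log line in the firewall-log jsonPayload shape."""
    return json.dumps({
        "logName": "projects/demo-proj/logs/" + LOG_NAME_SUFFIX,
        "timestamp": ts,
        "jsonPayload": {
            "connection": {"src_ip": src, "src_port": sport, "dest_ip": dst,
                           "dest_port": dport, "protocol": proto},
            "disposition": disposition,
            "rule_details": {"reference": "network:default/firewall:" + rule,
                             "direction": direction},
            "instance": {"project_id": "demo-proj", "vm_name": vm,
                         "zone": "us-central1-a"},
        },
    })


# Constructed sample export: one JSON object per line, as a log sink delivers it.
_SAMPLE = [
    ("2018-10-20T10:00:01Z", "203.0.113.7", 51234, "10.128.0.5", 22, 6, "DENIED", "deny-all-ingress", "INGRESS", "web-1"),
    ("2018-10-20T10:00:02Z", "203.0.113.7", 51235, "10.128.0.5", 22, 6, "DENIED", "deny-all-ingress", "INGRESS", "web-1"),
    ("2018-10-20T10:00:03Z", "203.0.113.7", 51236, "10.128.0.6", 22, 6, "DENIED", "deny-all-ingress", "INGRESS", "web-2"),
    ("2018-10-20T10:00:04Z", "198.51.100.9", 40000, "10.128.0.5", 3389, 6, "DENIED", "deny-all-ingress", "INGRESS", "web-1"),
    ("2018-10-20T10:00:05Z", "198.51.100.20", 44321, "10.128.0.5", 443, 6, "ALLOWED", "allow-https", "INGRESS", "web-1"),
    ("2018-10-20T10:00:06Z", "10.128.0.9", 55000, "192.0.2.10", 25, 6, "DENIED", "deny-egress-smtp", "EGRESS", "db-1"),
    ("2018-10-20T10:00:07Z", "10.128.0.9", 55001, "10.128.0.5", 5432, 6, "ALLOWED", "allow-internal", "INGRESS", "web-1"),
]
SAMPLE_LOG_LINES = [_record(*r) for r in _SAMPLE] + [
    # An entry from a different log, to show that the parser skips it.
    json.dumps({"logName": "projects/demo-proj/logs/syslog", "textPayload": "boot"}),
]


def parse_records(lines: Iterable[str]) -> List[FirewallEvent]:
    """Parse exported log lines into events. Non-firewall entries and records
    missing the expected fields are skipped rather than crashing the pipeline."""
    events = []
    for line in lines:
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue
        if not entry.get("logName", "").endswith(LOG_NAME_SUFFIX):
            continue
        payload = entry.get("jsonPayload", {})
        conn, rule = payload.get("connection", {}), payload.get("rule_details", {})
        try:
            events.append(FirewallEvent(
                entry.get("timestamp", ""),
                conn["src_ip"], int(conn["src_port"]),
                conn["dest_ip"], int(conn["dest_port"]), int(conn["protocol"]),
                payload["disposition"], rule.get("direction", ""),
                rule.get("reference", "").rsplit("firewall:", 1)[-1],
                payload.get("instance", {}).get("vm_name", ""),
            ))
        except (KeyError, ValueError):
            continue
    return events


def blocked_sources(events: List[FirewallEvent], threshold: int = 3) -> Dict[str, int]:
    """Forensics: sources whose DENIED ingress attempts reach the threshold."""
    counts = Counter(e.src_ip for e in events
                     if e.disposition == "DENIED" and e.direction == "INGRESS")
    return {ip: n for ip, n in counts.items() if n >= threshold}


def unauthorised_egress(events: List[FirewallEvent]) -> List[FirewallEvent]:
    """Compliance: VMs that tried to open an egress connection a rule blocked."""
    return [e for e in events if e.disposition == "DENIED" and e.direction == "EGRESS"]


def unexpected_allows(events: List[FirewallEvent], expected_rules: Set[str]) -> List[FirewallEvent]:
    """Audit: ALLOWED connections attributed to a rule outside the reviewed
    allowlist, i.e. a rule nobody reviewed or a broader match than intended."""
    return [e for e in events if e.disposition == "ALLOWED" and e.rule not in expected_rules]
```

Run it with `events = parse_records(SAMPLE_LOG_LINES)` and then `blocked_sources(events)`, `unauthorised_egress(events)` and `unexpected_allows(events, {"allow-https"})`; against the constructed lines these report 203.0.113.7 (three denied SSH attempts), db-1 (blocked outbound SMTP) and the connection admitted by `allow-internal`, which is not in the hypothetical reviewed set. Against a real export, feed the lines from a Pub/Sub subscription or a BigQuery extract in place of `SAMPLE_LOG_LINES`; the parser tolerates interleaved entries from other logs, which a broad sink filter will produce.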

To learn more about firewall rules logging, including how to get started and pricing, please visit the documentation and product page.

Unless otherwise stated, the content of this article is licensed under the Creative Commons Attribution 3.0 License, and code samples under the Apache 2.0 License. See our Terms of Service for details.

Tags: Cloud

© 2018 China Google Developer Community - ChinaGDG